Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Do not allow an invoice to be created for a deleted client

Browse Source
This commit is contained in:
David Bomba 2022-01-06 13:31:44 +11:00
parent 0634698c5b
commit abbca58b4d
3 changed files with 94 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Requests/Invoice/StoreInvoiceRequest.php
View File

@ -47,7 +47,7 @@ class StoreInvoiceRequest extends Request
$rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000'; $rules['documents'] = 'file|mimes:png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:20000';
} }
$rules['client_id'] = 'bail|required|exists:clients,id,company_id,'.auth()->user()->company()->id; $rules['client_id'] = 'bail|required|exists:clients,id,company_id,'.auth()->user()->company()->id.',is_deleted,0';
// $rules['client_id'] = ['required', Rule::exists('clients')->where('company_id', auth()->user()->company()->id)]; // $rules['client_id'] = ['required', Rule::exists('clients')->where('company_id', auth()->user()->company()->id)];
$rules['invitations.*.client_contact_id'] = 'distinct'; $rules['invitations.*.client_contact_id'] = 'distinct';

78
tests/Feature/ClientDeletedInvoiceCreationTest.php Normal file
View File

@ -0,0 +1,78 @@
<?php
/**
* Invoice Ninja (https://invoiceninja.com).
*
* @link https://github.com/invoiceninja/invoiceninja source repository
*
* @copyright Copyright (c) 2021. Invoice Ninja LLC (https://invoiceninja.com)
*
* @license https://opensource.org/licenses/AAL
*/
namespace Tests\Feature;
use App\Models\Client;
use App\Models\ClientContact;
use App\Models\Invoice;
use App\Utils\Traits\MakesHash;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Foundation\Testing\DatabaseTransactions;
use Illuminate\Support\Facades\Session;
use Tests\MockAccountData;
use Tests\TestCase;
/**
* @test
* @covers App\Http\Controllers\InvoiceController
*/
class ClientDeletedInvoiceCreationTest extends TestCase
{
use MakesHash;
use DatabaseTransactions;
use MockAccountData;
public function setUp() :void
{
parent::setUp();
Session::start();
$this->faker = \Faker\Factory::create();
Model::reguard();
$this->makeTestData();
}
public function testClientedDeletedAttemptingToCreateInvoice()
{
/* Test fire new invoice */
$data = [
'client_id' => $this->client->hashed_id,
'number' => 'dude',
];
$response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'),
'X-API-TOKEN' => $this->token,
])->post('/api/v1/invoices/', $data)
->assertStatus(200);
$this->client->is_deleted = true;
$this->client->save();
$data = [
'client_id' => $this->client->hashed_id,
'number' => 'dude2',
];
$response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'),
'X-API-TOKEN' => $this->token,
])->post('/api/v1/invoices/', $data)
->assertStatus(302);
}
}

15
tests/Feature/InvoiceTest.php
View File

@ -220,4 +220,19 @@ class InvoiceTest extends TestCase
])->put('/api/v1/invoices/'.$arr['data']['id'], $data) ])->put('/api/v1/invoices/'.$arr['data']['id'], $data)
->assertStatus(200); ->assertStatus(200);
} }
public function testClientedDeletedAttemptingToCreateInvoice()
{
/* Test fire new invoice */
$data = [
'client_id' => $this->client->hashed_id,
'number' => 'dude',
];
$response = $this->withHeaders([
'X-API-SECRET' => config('ninja.api_secret'),
'X-API-TOKEN' => $this->token,
])->post('/api/v1/invoices/', $data)
->assertStatus(200);
}
} }